Class GlobalIds


  • public final class GlobalIds
    extends Object
    This class contains constants that must be defined globally but are not to be used by external programs. The constants are used internally by Fortress when looking up cfg values, performing maintenance on standard and custom ldap objects and attributes, instantiating manager instances, validating objects and attributes, and more. Some of the values for public constants defined here must be known to end users of system to declare system cfg parameters, see Config. For example the SUFFIX constant uses key name suffix which must have a corresponding value, i.e. dc=example,dc=com, which tells location of Directory Information Tree to the Fortress runtime processor.

    This class is thread safe.

    Author:
    Apache Directory Project
    • Field Detail

      • ACCESS_IMPLEMENTATION

        public static final String ACCESS_IMPLEMENTATION
        When this optional tag, accessmgr.implementation, is placed in Fortress properties, its class name will be the default AccessMgr instance used.
        See Also:
        Constant Field Values
      • ADMIN_IMPLEMENTATION

        public static final String ADMIN_IMPLEMENTATION
        When this optional tag, adminImplementation, is placed in Fortress properties, its class name will be the default AdminMgr instance used.
        See Also:
        Constant Field Values
      • DAO_CONNECTOR

        public static final String DAO_CONNECTOR
        When this optional tag, daoConnector, is placed in Fortress properties,
        See Also:
        Constant Field Values
      • REVIEW_IMPLEMENTATION

        public static final String REVIEW_IMPLEMENTATION
        When this optional tag, reviewImplementation, is placed in Fortress properties, its class name will be the default ReviewMgr instance used.
        See Also:
        Constant Field Values
      • PSWD_POLICY_IMPLEMENTATION

        public static final String PSWD_POLICY_IMPLEMENTATION
        When this optional tag, policyImplementation, is placed in Fortress properties, its class name will be the default PwPolicyMgr instance used.
        See Also:
        Constant Field Values
      • AUDIT_IMPLEMENTATION

        public static final String AUDIT_IMPLEMENTATION
        When this optional tag, auditmgr.implementation, is placed in Fortress properties, its class name will be the default AuditMgr instance used.
        See Also:
        Constant Field Values
      • DELEGATED_ADMIN_IMPLEMENTATION

        public static final String DELEGATED_ADMIN_IMPLEMENTATION
        When this optional tag, delegatedAdminImplementation, is placed in Fortress properties, its class name will be the default DelAdminMgr instance used.
        See Also:
        Constant Field Values
      • DELEGATED_REVIEW_IMPLEMENTATION

        public static final String DELEGATED_REVIEW_IMPLEMENTATION
        When this optional tag, delegatedReviewImplementation, is placed in Fortress properties, its class name will be the default DelReviewMgr instance used.
        See Also:
        Constant Field Values
      • DELEGATED_ACCESS_IMPLEMENTATION

        public static final String DELEGATED_ACCESS_IMPLEMENTATION
        When this optional tag, delegatedAccessImplementation, is placed in Fortress properties, its class name will be the default DelAccessMgr instance used.
        See Also:
        Constant Field Values
      • CONFIG_IMPLEMENTATION

        public static final String CONFIG_IMPLEMENTATION
        When this optional tag, configImplementation, is placed in Fortress properties, its class name will be the default {link ConfigMgr} instance used.
        See Also:
        Constant Field Values
      • ACCEL_IMPLEMENTATION

        public static final String ACCEL_IMPLEMENTATION
        When this optional tag, accelsmgr.implementation, is placed in Fortress properties, its class name will be the default AccelMgr instance used.
        See Also:
        Constant Field Values
      • GROUP_IMPLEMENTATION

        public static final String GROUP_IMPLEMENTATION
        When this optional tag, groupImplementation, is placed in Fortress properties, its class name will be the default {link GroupMgr} instance used.
        See Also:
        Constant Field Values
      • PROPERTY_IMPLEMENTATION

        public static final String PROPERTY_IMPLEMENTATION
        When this optional tag, propertyImplementation, is placed in Fortress properties, its class name will be the default PropertyMgr instance used.
        See Also:
        Constant Field Values
      • AUTHENTICATION_TYPE

        public static final String AUTHENTICATION_TYPE
        This property is used to specify if authentication is being performed within a security realm.
        See Also:
        Constant Field Values
      • VALIDATOR_PROPS

        public static final String VALIDATOR_PROPS
        Used to declare validation modules that are used to process constraint checks during session activation.
        See Also:
        Constant Field Values
      • DSD_VALIDATOR_PROP

        public static final String DSD_VALIDATOR_PROP
        The DSD validator performs Dynamic Separation of Duty checks during role activation.
        See Also:
        Constant Field Values
      • SUFFIX

        public static final String SUFFIX
        Parameter specifies the distinguished name (dn) of the LDAP suffix. The is the root or top-most node for a Directory Information Tree (DIT). The typical Fortress suffix format is dc=example,dc=com.
        See Also:
        Constant Field Values
      • USER_ROOT

        public static final String USER_ROOT
        Specifies the dn of the container where the Fortress User data set is located within DIT. This is typically in the format of ou=People, dc=example, dc=com
        See Also:
        Constant Field Values
      • PERM_ROOT

        public static final String PERM_ROOT
        Specifies the dn of the container where the Fortress Permissions are located. This is typically in the format of ou=Permissions,ou=RBAC,dc=example,dc=com
        See Also:
        Constant Field Values
      • ROLE_ROOT

        public static final String ROLE_ROOT
        Specifies the dn of the container where the Fortress RBAC Roles are located. This is typically in the format of ou=Roles,ou=RBAC,dc=example,dc=com
        See Also:
        Constant Field Values
      • PPOLICY_ROOT

        public static final String PPOLICY_ROOT
        Specifies the dn of the container where the Fortress Password Polices are located. This is typically in the format of ou=Policies,dc=example,dc=com
        See Also:
        Constant Field Values
      • SD_ROOT

        public static final String SD_ROOT
        Specifies the dn of the container where the Fortress SSD and DSD constraints are located. This is typically in the format of ou=Constraints,ou=RBAC,dc=example,dc=com
        See Also:
        Constant Field Values
      • OSU_ROOT

        public static final String OSU_ROOT
        Specifies the dn of the container where the Fortress User OU pools are located. This is typically in the format of ou=OS-U,ou=ARBAC,dc=example,dc=com
        See Also:
        Constant Field Values
      • PSU_ROOT

        public static final String PSU_ROOT
        Specifies the dn of the container where the Fortress Permission OU pools are located. This is typically in the format of ou=OS-P,ou=ARBAC,dc=example,dc=com
        See Also:
        Constant Field Values
      • ADMIN_ROLE_ROOT

        public static final String ADMIN_ROLE_ROOT
        Specifies the dn of the container where the Fortress Administrative Roles are located. This is typically in the format of ou=AdminRoles,ou=ARBAC,dc=example,dc=com
        See Also:
        Constant Field Values
      • ADMIN_PERM_ROOT

        public static final String ADMIN_PERM_ROOT
        Specifies the dn of the container where the Fortress Administrative Permissions are located. This is typically in the format of ou=AdminPerms,ou=ARBAC,dc=example,dc=com
        See Also:
        Constant Field Values
      • GROUP_ROOT

        public static final String GROUP_ROOT
        Specifies the dn of the container where the Groups are located. This is typically in the format of ou=Groups,dc=example,dc=com
        See Also:
        Constant Field Values
      • ADS_PPOLICY_ROOT

        public static final String ADS_PPOLICY_ROOT
        Specifies the dn of the container where password policies are stored in ApachDS. This is typically here: ou=passwordPolicies,ads-interceptorId=authenticationInterceptor,ou=interceptors,ads-directoryServiceId=default,ou=config
        See Also:
        Constant Field Values
      • AUTHZ_COMPARE_FAILURE_FLAG

        public static final int AUTHZ_COMPARE_FAILURE_FLAG
        See Also:
        Constant Field Values
      • FAILED_AUTHZ_INDICATOR

        public static final String FAILED_AUTHZ_INDICATOR
        This string will be appended to the operation name to force failure on compare.
        See Also:
        Constant Field Values
      • FT_MODIFIER_AUX_OBJECT_CLASS_NAME

        public static final String FT_MODIFIER_AUX_OBJECT_CLASS_NAME
        This aux object class contains Fortress audit contextual information.
        See Also:
        Constant Field Values
      • FT_CONFIG_AUX_OBJECT_CLASS_NAME

        public static final String FT_CONFIG_AUX_OBJECT_CLASS_NAME
        This aux object class stores uidNumber and gidNumber sequence numbers.
        See Also:
        Constant Field Values
      • FT_MODIFIER

        public static final String FT_MODIFIER
        The ftModifier contains the internalUserId of administrator who performed action.
        See Also:
        Constant Field Values
      • FT_MODIFIER_CODE

        public static final String FT_MODIFIER_CODE
        The ftModCode attribute contains the permission object name and operation of admin function performed.
        See Also:
        Constant Field Values
      • FT_MODIFIER_ID

        public static final String FT_MODIFIER_ID
        The ftModId contains a globally unique id that is bound to the audit event entity.
        See Also:
        Constant Field Values
      • FT_IID

        public static final String FT_IID
        The ftId contains a globally unique id that is bound to the application entity.
        See Also:
        Constant Field Values
      • FILTER_PREFIX

        public static final String FILTER_PREFIX
        This string literal contains a common start for most ldap search filters that fortress uses.
        See Also:
        Constant Field Values
      • PROPS_AUX_OBJECT_CLASS_NAME

        public static final String PROPS_AUX_OBJECT_CLASS_NAME
        The ftProperties object class contains name-value pairs that are neither validated nor constrained. Properties are application defined parameters and clients may store any reasonable values.
        See Also:
        Constant Field Values
      • PROPS

        public static final String PROPS
        The ftProps attribute contains a single name-value pairs that is : separated.
        See Also:
        Constant Field Values
      • ROLE_OBJECT_CLASS_NM

        public static final String ROLE_OBJECT_CLASS_NM
        The object class is used to store Fortress Role entity data.
        See Also:
        Constant Field Values
      • CONSTRAINT

        public static final String CONSTRAINT
        This single occurring attribute is used to store constraint policies on Fortress User objects.
        See Also:
        Constant Field Values
      • USER_ROLE_DATA

        public static final String USER_ROLE_DATA
        multivalued attribute contains constraint policies for RBAC Role assignments for Users.
        See Also:
        Constant Field Values
      • USER_ADMINROLE_ASSIGN

        public static final String USER_ADMINROLE_ASSIGN
        multivalued attribute contains Administrative Role assignments for Users.
        See Also:
        Constant Field Values
      • USER_ADMINROLE_DATA

        public static final String USER_ADMINROLE_DATA
        multivalued attribute contains constraint policies for Administrative Role assignments for Users.
        See Also:
        Constant Field Values
      • POBJ_NAME

        public static final String POBJ_NAME
        Attribute name for storing Fortress permission object names.
        See Also:
        Constant Field Values
      • POBJ_ID

        public static final String POBJ_ID
        Attribute name for storing Fortress permission object id.
        See Also:
        Constant Field Values
      • PARENT_NODES

        public static final String PARENT_NODES
        Attribute name for storing parent node names for hierarchical processing.
        See Also:
        Constant Field Values
      • TYPE

        public static final String TYPE
        Attribute name for storing type on either permission or groups.
        See Also:
        Constant Field Values
      • USERID_LEN

        public static final int USERID_LEN
        Fortress userId cannot exceed length of 40.
        See Also:
        Constant Field Values
      • ROLE_LEN

        public static final int ROLE_LEN
        Fortress role names cannot exceed length of 40.
        See Also:
        Constant Field Values
      • DESC_LEN

        public static final int DESC_LEN
        Fortress description text cannot exceed length of 80.
        See Also:
        Constant Field Values
      • PERM_LEN

        public static final int PERM_LEN
        Fortress permission names cannot exceed length of 100.
        See Also:
        Constant Field Values
      • PASSWORD_LEN

        public static final int PASSWORD_LEN
        Fortress User passwords must have length of 50 or less..
        See Also:
        Constant Field Values
      • PWPOLICY_NAME_LEN

        public static final int PWPOLICY_NAME_LEN
        Fortress password policy names cannot exceed length of 40.
        See Also:
        Constant Field Values
      • OU_LEN

        public static final int OU_LEN
        Fortress ou's cannot exceed length of 40.
        See Also:
        Constant Field Values
      • SN_LEN

        public static final int SN_LEN
        Fortress User surname cannot exceed length of 80.
        See Also:
        Constant Field Values
      • CN_LEN

        public static final int CN_LEN
        Fortress common name attributes cannot exceed length of 80.
        See Also:
        Constant Field Values
      • PROP_LEN

        public static final int PROP_LEN
        Fortress properties cannot exceed length of 100.
        See Also:
        Constant Field Values
      • LDAP_FILTER

        public static final String LDAP_FILTER
        Used to define characters that must be encoded before being processed by ldap operations.
        See Also:
        Constant Field Values
      • LDAP_SUB

        public static final String LDAP_SUB
        Used to define encoded replacements for characters to be filtered.
        See Also:
        Constant Field Values
      • LDAP_FILTER_SIZE_PROP

        public static final String LDAP_FILTER_SIZE_PROP
        Defines how many entries are to be stored in the encoding set.
        See Also:
        Constant Field Values
      • LDAP_ADMIN_POOL_MIN

        public static final String LDAP_ADMIN_POOL_MIN
        Used for ldap connection pool of admin users.
        See Also:
        Constant Field Values
      • LDAP_LOG_POOL_UID

        public static final String LDAP_LOG_POOL_UID
        Used for ldap connection pool of log users.
        See Also:
        Constant Field Values
      • TEST_ON_BORROW

        public static final String TEST_ON_BORROW
        Applies to all pools, connection validated on retrieval with dummy ldapsearch.
        See Also:
        Constant Field Values
      • TEST_ON_IDLE

        public static final String TEST_ON_IDLE
        Applies to all pools, connection validated when idle with dummy ldapsearch.
        See Also:
        Constant Field Values
      • IS_MAX_CONN_BLOCK

        public static final String IS_MAX_CONN_BLOCK
        Applies to all pools, when all connections are exhausted will block. (default is true)
        See Also:
        Constant Field Values
      • MAX_CONN_BLOCK_TIME

        public static final String MAX_CONN_BLOCK_TIME
        Applies to all pools, when all connections are exhausted will block for this many milliseconds. (default is 5000)
        See Also:
        Constant Field Values
      • LDAP_FILTER_SIZE

        public static final int LDAP_FILTER_SIZE
        Maximum number of entries allowed for ldap filter replacements.
      • CONFIG_REALM

        public static final String CONFIG_REALM
        This property contains the location for the remote Fortress properties stored in ldap. This is typically in the format of cn=DEFAULT,ou=Config,dc=example,dc=com
        See Also:
        Constant Field Values
      • CONFIG_UID_NUMBER

        public static final String CONFIG_UID_NUMBER
        This config is used to retrieve uidNumber from property list during file load.
        See Also:
        Constant Field Values
      • CONFIG_GID_NUMBER

        public static final String CONFIG_GID_NUMBER
        This config is used to retrieve uidNumber from property list during file load.
        See Also:
        Constant Field Values
      • PROP_SEP

        public static final char PROP_SEP
        Fortress stores name-value pairs within multivalued attributes in ldap. Usually a separator of ':' is used format: name:value,
        See Also:
        Constant Field Values
      • BATCH_SIZE

        public static final int BATCH_SIZE
        Maximum number of records for ldap client to wait on while processing results sets from ldap server.
        See Also:
        Constant Field Values
      • CONFIG_LDAP_MAX_BATCH_SIZE

        public static final String CONFIG_LDAP_MAX_BATCH_SIZE
        This is the config property key used to store override of max LDAP batch size:
        See Also:
        Constant Field Values
      • NONE

        public static final String NONE
        Attribute is used in Fortress time/date constraints as default which will always pass. i.e. values stored as beginDate=none or beginTime=none will turn the date and time constraints off for a particular entity..
        See Also:
        Constant Field Values
      • ALL

        public static final String ALL
        Attribute is used in Fortress day mask constraints as default which will always pass. i.e. values stored as dayMask=all will always pass the day of week constraint.
        See Also:
        Constant Field Values
      • FT_PERMISSION_ATTRIBUTE

        public static final String FT_PERMISSION_ATTRIBUTE
        The ftPA field contains attributes and associated metadata for permissions.
        See Also:
        Constant Field Values
      • FT_PERMISSION_ATTRIBUTE_SET

        public static final String FT_PERMISSION_ATTRIBUTE_SET
        The ftPASet field contains the name of the ftPermissionAttributeSet for a permission
        See Also:
        Constant Field Values
      • PERMISSION_ATTRIBUTE_SET_NAME

        public static final String PERMISSION_ATTRIBUTE_SET_NAME
        Attribute name for storing Fortress permission attribute set object names.
        See Also:
        Constant Field Values
      • USER_CREATION_PASSWORD_FIELD

        public static final String USER_CREATION_PASSWORD_FIELD
        When this property is set to true in fortress.properties, the userPassword field on newly created users will not be created.
        See Also:
        Constant Field Values
      • FT_PERMISSION_ATTRIBUTE_SET_TYPE

        public static final String FT_PERMISSION_ATTRIBUTE_SET_TYPE
        The ftPASetType field contains the user defined type of a pa set
        See Also:
        Constant Field Values
      • PERMISSION_ATTRIBUTE_NAME

        public static final String PERMISSION_ATTRIBUTE_NAME
        Attribute name for storing Fortress permission attribute set object names.
        See Also:
        Constant Field Values
      • FT_PERMISSION_ATTRIBUTE_DATA_TYPE

        public static final String FT_PERMISSION_ATTRIBUTE_DATA_TYPE
        Attribute name for storing Fortress permission attribute data type name.
        See Also:
        Constant Field Values
      • FT_PERMISSION_ATTRIBUTE_DEFAULT_VALUE

        public static final String FT_PERMISSION_ATTRIBUTE_DEFAULT_VALUE
        Attribute name for storing Fortress permission attribute default value name.
        See Also:
        Constant Field Values
      • FT_PERMISSION_ATTRIBUTE_DEFAULT_STRATEGY

        public static final String FT_PERMISSION_ATTRIBUTE_DEFAULT_STRATEGY
        Attribute name for storing Fortress permission attribute default strategy name.
        See Also:
        Constant Field Values
      • FT_PERMISSION_ATTRIBUTE_DEFAULT_OPERATOR

        public static final String FT_PERMISSION_ATTRIBUTE_DEFAULT_OPERATOR
        Attribute name for storing Fortress permission attribute set default operator name.
        See Also:
        Constant Field Values
      • FT_PERMISSION_ATTRIBUTE_VALID_VALUES

        public static final String FT_PERMISSION_ATTRIBUTE_VALID_VALUES
        Attribute name for storing Fortress permission attribute valid vals name.
        See Also:
        Constant Field Values
      • HTTP_UID_PROP

        public static final String HTTP_UID_PROP
        Attribute name for property containing HTTP service account userId.
        See Also:
        Constant Field Values
      • HTTP_PW_PROP

        public static final String HTTP_PW_PROP
        Attribute name for property containing HTTP service account password.
        See Also:
        Constant Field Values
      • IS_ARBAC02

        public static final String IS_ARBAC02
        Attribute name for property ARBAC02 enforcement boolean.
        See Also:
        Constant Field Values
    • Constructor Detail

      • GlobalIds

        public GlobalIds()